dnsmasq Kubernetes CVE 2017-144481

CVE 14491

A vulnerability in dnsmasq, used by kube-dns, requires an upgrade to the kube-dns component. This component is the default DNS component installed in Kubernetes. The vulnerability may be externally exploitable.

The advisory in the kops repository include instructions for upgrading with kops,
when the kops release is cut, and hot-fix instructions. Running one kubectl command
is how I like to patch a CVE. K8s for the win!